Friday, August 28, 2009

Breaking WPA TKIP in 60 Seconds

Computer scientists in Japan have developed a way to break the WPA (Wi-Fi Protected Access) encryption system used in wireless routers in just one minute.

The attack, which reads encrypted traffic sent between computers and certain types of routers that use the WPA encryption system, was devised by Toshihiro Ohigashi of Hiroshima University and Masakatu Morii of Kobe University.

The scientists plan to discuss further details at a technical conference on 25 September in Hiroshima.

Security researchers first showed how WPA could be broken last November, but the researchers have accelerated theory into practice, taking the proven 15-minute Becks-Tews method developed by researchers Martin Beck and Erik Tews, and speeding it up to just 60 seconds.

Both attacks work only on WPA systems that use the Temporal Key Integrity Protocol (TKIP) algorithm. They do not work on newer WPA 2 devices or on WPA systems that use the stronger Advanced Encryption Standard, or AES, algorithm.

According to their report, the limits of the man-in-the-middle attack are fairly restrictive. However, the development should spark users to drop WPA with TKIP as a secure method of protection.

The process of securing routers has been a long one. The WEP (Wired Equivalent Privacy) system introduced in 1997 is now considered to be insecure by security experts. Then came WPA with TKIP, followed by WPA 2.

However, users have been slow to upgrade to the latest secure methods.